aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux
diff options
context:
space:
mode:
authorDan Carpenter <error27@gmail.com>2010-06-12 14:56:01 -0400
committerJames Morris <jmorris@namei.org>2010-08-02 01:35:04 -0400
commit338437f6a09861cdf76e1396ed5fa6dee9c7cabe (patch)
treee693392adf370b81af129b326bba45bf43f03862 /security/selinux
parent38184c522249dc377366d4edc41dc500c2c3bb9e (diff)
selinux: fix error codes in cond_read_bool()
The original code always returned -1 (-EPERM) on error. The new code returns either -ENOMEM, or -EINVAL or it propagates the error codes from lower level functions next_entry() or hashtab_insert(). next_entry() returns -EINVAL. hashtab_insert() returns -EINVAL, -EEXIST, or -ENOMEM. Signed-off-by: Dan Carpenter <error27@gmail.com> Acked-by: Stephen D. Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux')
-rw-r--r--security/selinux/ss/conditional.c13
1 files changed, 8 insertions, 5 deletions
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index 0389263b99c..c91e150c308 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -223,34 +223,37 @@ int cond_read_bool(struct policydb *p, struct hashtab *h, void *fp)
223 223
224 booldatum = kzalloc(sizeof(struct cond_bool_datum), GFP_KERNEL); 224 booldatum = kzalloc(sizeof(struct cond_bool_datum), GFP_KERNEL);
225 if (!booldatum) 225 if (!booldatum)
226 return -1; 226 return -ENOMEM;
227 227
228 rc = next_entry(buf, fp, sizeof buf); 228 rc = next_entry(buf, fp, sizeof buf);
229 if (rc < 0) 229 if (rc)
230 goto err; 230 goto err;
231 231
232 booldatum->value = le32_to_cpu(buf[0]); 232 booldatum->value = le32_to_cpu(buf[0]);
233 booldatum->state = le32_to_cpu(buf[1]); 233 booldatum->state = le32_to_cpu(buf[1]);
234 234
235 rc = -EINVAL;
235 if (!bool_isvalid(booldatum)) 236 if (!bool_isvalid(booldatum))
236 goto err; 237 goto err;
237 238
238 len = le32_to_cpu(buf[2]); 239 len = le32_to_cpu(buf[2]);
239 240
241 rc = -ENOMEM;
240 key = kmalloc(len + 1, GFP_KERNEL); 242 key = kmalloc(len + 1, GFP_KERNEL);
241 if (!key) 243 if (!key)
242 goto err; 244 goto err;
243 rc = next_entry(key, fp, len); 245 rc = next_entry(key, fp, len);
244 if (rc < 0) 246 if (rc)
245 goto err; 247 goto err;
246 key[len] = '\0'; 248 key[len] = '\0';
247 if (hashtab_insert(h, key, booldatum)) 249 rc = hashtab_insert(h, key, booldatum);
250 if (rc)
248 goto err; 251 goto err;
249 252
250 return 0; 253 return 0;
251err: 254err:
252 cond_destroy_bool(key, booldatum, NULL); 255 cond_destroy_bool(key, booldatum, NULL);
253 return -1; 256 return rc;
254} 257}
255 258
256struct cond_insertf_data { 259struct cond_insertf_data {